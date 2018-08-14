Continuing its commitment to promoting shared responsibility for safe
and secure IoT deployments, PTC
(NASDAQ: PTC) today has unveiled a Coordinated
Vulnerability Disclosure (CVD) Program. The new program is designed
to support the reporting and remediation of security vulnerabilities
that could potentially affect the environments in which PTC products
operate, including industrial and safety-critical industries.
The CVD Program is an essential component of PTC’s Shared
Responsibility Model, which defines a
framework for cybersecurity collaboration with customers, partners, and
others within the industry. PTC’s CEO Jim Heppelmann highlighted this
thought-leadership during his keynote presentation at the recent LiveWorx
industry event, inviting partners and customers to work together
with PTC to improve security by taking responsibility – and embracing
speed – for the security responsibilities under their control.
As an extension to its Shared Responsibility Model, PTC’s CVD
Program seeks contributions from external researchers who detect
vulnerabilities in PTC’s ThingWorx-branded products. PTC invites both
private individuals and organizations to report security vulnerabilities
following a well-defined process, which aligns with the National
Telecommunications and Information Administration (NTIA) Safety Working
Group’s template. This program ensures that researchers can count on PTC
to cooperate to protect its customers and the safety/privacy of the
public.
The IoT market is at a tipping point, with IoT spending expected to
reach $1.2 trillion in 2022, according to a recent
IDC guide. “As organizations continue to invest in IoT, it is
equally important that efforts are made across the entire IoT ecosystem
to secure these end points and environments,” said Stacy Crook, research
director, IoT, IDC.
“Sophisticated software and hyper-connectivity are fueling innovation at
an unprecedented pace,” said Joshua Corman, SVP and chief security
officer, PTC. “Those conditions can potentially introduce new classes of
accidents and adversaries. In this new world order, cyber safety and
security must become everyone’s responsibility, and we must work
together to address such threats. PTC’s CVD Program is one significant
step toward such collaboration, inviting private individuals and
organizations to identify and communicate security vulnerabilities in a
way that we can quickly assess, mitigate, and take corrective action to
help further secure our products and customer implementations.”
More information, including reporting guidelines, can be found online
here: https://www.ptc.com/en/documents/security/coordinated-vulnerability-disclosure.
